[K12OSN] remote home directories

Brandon Kovach bkovach at logrog.net
Thu Sep 8 15:53:21 UTC 2005


Scott, that's pretty kewl and I understand how all that works except the
SSH key.

All I know about SSH is that I can do it.  I am in the dark about how to
make it go automagically as in the cron job you mentioned below.

> Brandon Kovach wrote:
>
>>I don't know anything about NIS, but I can learn.
>>
>>I was originally trying to authenticate to my Netware server, but
>> couldn't
>>make NCPFS work correctly.  At one point I had it working ... kinda ...
>>but it blocked everyone else from the servers.  All of them.  I decided
>>that I had enough time in that one and had done enough damage that I
>>needed to move on to another solution for now.
>>
>>
>>
>
>
> Brandon -
>
> To give you another alternative, I created a poor man's nis system using
> ssh and the followin script:
>
>
> #!/bin/sh
>
> /usr/bin/rsync -p -e ssh /etc/passwd $1:/etc/passwd
> /usr/bin/rsync -p -e ssh /etc/shadow $1:/etc/shadow
> /usr/bin/rsync -p -e ssh /etc/group $1:/etc/group
>
>
> the script is run from the main password server by cron (every 5min) and
> is called with the following command:
>
> pushpass clientserver
>
>
>
> then I exported a ssh key from my main password server to each of my
> client servers (so I don't need to login with a password).
>
> So I have 1 server machine, and 5 ltsp servers.  When a user is created
> on the main server, 5 min later they show up on all the ltsp servers.
>
> The reason I did it this way?  NIS is great - does everything I did
> above and more, but from any nis client machine if you do a "ypcat passwd"
>
> you get the password hash:
> scott:$1$Kj3gj3Yd$.jx34285SE6N.Ipp1nP1/Q91:2575:825:.....
>
> short time from there for a student to crack that invidual pwd.
>
> The way I'd do it with the time?  ldap.  But the above works for me.
>
> Just another alternative to chew on.
>
> Scott
>
>
>
> _______________________________________________
> K12OSN mailing list
> K12OSN at redhat.com
> https://www.redhat.com/mailman/listinfo/k12osn
> For more info see <http://www.k12os.org>
>


-- 
Life is a race.  Don't lose.




More information about the K12OSN mailing list